
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 

Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.usplo.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/843,403 



04/26/2001 



Shinako Matsuyama 



26263 7590 10/22/2004 

SONNENSCHEIN NATH & ROSENTHAL LLP 
P.O. BOX 061080 

WACKER DRIVE STATION, SEARS TOWER 
CHICAGO, IL 60606-1080 



09792909-5002 



3425 



EXAMINER 



LANIER, BENJAMIN E 



ART UNIT 



PAPER NUMBER 



2132 



DATE MAILED: 10/22/2004 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Off icq Action Summarv 


Application No. 

09/843,403 


Applicant(s) 

MATSUYAMA ET AL. 


Examiner 

Benjamin E Lanier 


Art Unit 

2132 





-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) 13 Claim(s) 1-42 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) M Claim(s) 7-42 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 26 April 2001 is/are: a)M accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) HTAcknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)&*H b)D Some * c)D None of: 

1 .EhXertified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Claim Rejections - 35 USC § 112 

1 . The following is a quotation of the second paragraph of 35 U.S.C 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

2. Claims 5, 7, 9, 10, 19, 21, 22 are rejected under 35 U.S.C. 1 12, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

3. Claims 5, 7, 9, 19, 21 recite the limitation "the service providers". There is insufficient 
antecedent basis for this limitation in the claim. 

4. Claims 10, 22 recite the limitation "the service receiving devices". There is insufficient 
antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 

basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 35 1(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

6. . Claims 1-6, 8-13, 15-18, 20-24, 26-42 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Doyle, U.S. Patent No. 6,128,738. Referring to claims 1-4, 6, 1 1-13, 15-18, 23, 
24, 26, 27, 30-32, 35-40, 42, Doyle discloses certificate-based security wherein a user, which 
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meets the limitation of a service receiving device, requests access to secure applications from a 
host computer by mutual authentication (Col. 4, lines 63-66), which meets the limitation of 
service provider which is an authentication object that provides services and the service 
receiving device that is also is an authentication object and receives services provided by the 
service provider, using a user certificate and signature that was created by a gateway system 
(Col 4, lines 22-55). The gateway system creates the certificate and signature in response to a 
request by a user for certification information (Col. 3, lines 1-14), which meets the limitations of 
an access control server registration server, wherein the access control server registration server 
is configured to execute a processing for requesting access control server to execute issuance of 
the access permission, upon receipt of an access permission issuance request from the service 
receiving device, at least one system holder which is an organization that provides or controls 
contents usable by a user terminal, the system holder is configured to administrate the service 
provider and the service receiving device and to treat the service provider and the service 
receiving device as authentication objects. If the user's certificate and signature are authenticated 
at the host system the user is granted access to the secure applications, if not then the session is 
rejected (Col. 4, lines 49-55), which meets the limitation of wherein the service provider 
performs, based on the access permission, a decision as to whether an access request by the 
service receiving device is to be permitted. The user computer contains a storage means to store 
the security packet and certificate information (Col, 3, lines 46-53 & Fig. 5), which meets the 
limitation of a data storage means that stores an access permission containing service provider 
identification data which identifies the service provider an access to which by a device has been 
permitted. 
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Referring to claim 5, Doyle discloses that the user certificate can provide user access to a 
plurality of host applications (Col. 5, line 59 - Col. 6, line 14). 

Referring to claims 8, 20, Doyle discloses that the certificates and signatures created are 
usable for a plurality of services (Col. 1, line 66 - Col. 2, line 15). 

Referring to claims 9, 21, 28, 34, Doyle discloses that the certificate is an electronic 
statement of identity that allows building a trust relationship between parties wishing to 
exchange information using a preexisting trust relationship that each of the parties has with a 
third party (Col. 1, lines 5-9), which meets the limitations of an access control server set fixed 
field set by the access control server, and a service provider set option field set by each of the 
service providers. The certificate is created with digital signature information (Col 3, lines 1- 
10), which meets the limitation of an electronic signature field to be performed by the access 
control sever. 

Referring to claims 10, 22, Doyle discloses that the certificate contains user information 
that is a replacement for a user id and password (Col. 3, lines 4-9). 

Referring to claims 29, 33, 41, Doyle discloses that the user signature is used to encrypt 
the security packet before it is transmitted (Col. 3, line 46 - Col. 4, line 14). 

Claim Rejections - 35 USC §103 
7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 
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8. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

9. Claim 14, 25 is rejected under 35 U.S.C. 103(a) as being unpatentable over Doyle, U.S. 
Patent No. 6,128,738, in view of Misra, U.S. Patent No. 5,757,920. Referring to claim 14, 25, 
Doyle discloses certificate-based security wherein a user, which meets the limitation of a service 
receiving device, requests access to secure applications from a host computer by mutual 
authentication (Col. 4, lines 63-66), which meets the limitation of service provider which is an 
authentication object that provides services and the service receiving device that is also is an 
authentication object and receives services provided by the service provider, using a user 
certificate and signature that was created by a gateway system (Col. 4, lines 22-55). The gateway 
system creates the certificate and signature in response to a request by a user for certification 
information (Col. 3, lines 1-14), which meets the limitations of an access control server 
registration server, wherein the access control server registration server is configured to execute 
a processing for requesting access control server to execute issuance of the access permission, 
upon receipt of an access permission issuance request from the service receiving device, at least 
one system holder which is an organization that provides or controls contents usable by a user 
terminal, the system holder is configured to administrate the service provider and the service 
receiving device and to treat the service provider and the service receiving device as 
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authentication objects. If the user's certificate and signature are authenticated at the host system 
the user is granted access to the secure applications, if not then the session is rejected (Col 4, 
lines 49-55), which meets the limitation of wherein the service provider performs, based on the 
access permission, a decision as to whether an access request by the service receiving device is 
to be permitted. Doyle does not disclose that the certificates are revocable. Misra discloses a 
logon certification system wherein the certificates have expiration dates and are revocable (Col. 

9, lines 60-67). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made for the certificates of Doyle to be revocable in order to limit the security risk 
of having valid certificates for user accounts that are inactive as taught in Misra (Col. 10, lines 1- 
13). 

Conclusion 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E Lanier whose telephone number is 703-305-7684. 
The examiner can normally be reached on M-ThO 7:30am-5:00pm, F 7:30am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (703)305-1830. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 





Benjamin E. Lanier 
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SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



